authentication

Using Authy? Beware of impending phishing attempts

Using Authy? Beware of impending phishing attempts 2024-07-11 at 15:46 By Zeljka Zorz Do you use Authy for your multi-factor authentication needs? If you do, you should keep an eye out for phishing attempts, as well as implement defenses against SIM swapping attacks. What happened? On July 1, Twilio – the company that develops the […]

React to this headline:

Loading spinner

Using Authy? Beware of impending phishing attempts Read More »

Product showcase: Protect digital identities with Swissbit’s iShield Key Pro

Product showcase: Protect digital identities with Swissbit’s iShield Key Pro 2024-07-01 at 07:01 By Help Net Security In today’s fast-paced business world, protecting digital identities and optimizing daily workflows are crucial. The iShield Key Pro series from Swissbit addresses these challenges by offering top-notch security combined with effortless usability. Let’s delve into how the iShield

React to this headline:

Loading spinner

Product showcase: Protect digital identities with Swissbit’s iShield Key Pro Read More »

From passwords to passkeys: Enhancing security and user satisfaction

From passwords to passkeys: Enhancing security and user satisfaction 2024-06-20 at 07:01 By Mirko Zorz In this Help Net Security interview, Julianna Lamb, Stytch CTO, discusses the advantages of passwordless authentication. Eliminating passwords reduces data breaches and improves user experience by simplifying the login process. Lamb also addresses the technical challenges and economic implications of

React to this headline:

Loading spinner

From passwords to passkeys: Enhancing security and user satisfaction Read More »

Preparing for a post-quantum future

Preparing for a post-quantum future 2024-06-18 at 06:31 By Help Net Security Post-quantum cryptography (PQC) is a hot topic. A recent paper from Tsinghua University raised doubts about lattice-based cryptography for PQC, though an error was found. This has sparked questions about the strength of soon-to-be-standardized PQC algorithms. In this Help Net Security video, Kevin

React to this headline:

Loading spinner

Preparing for a post-quantum future Read More »

The rise of SaaS security teams

The rise of SaaS security teams 2024-06-17 at 07:31 By Mirko Zorz In this Help Net Security interview, Hillary Baron, Senior Technical Director for Research at CSA, highlights that the recent surge in organizations establishing dedicated SaaS security teams is driven by significant data breaches involving widely used platforms. What motivated the recent surge in

React to this headline:

Loading spinner

The rise of SaaS security teams Read More »

Identity-related incidents becoming severe, costing organizations a fortune

Identity-related incidents becoming severe, costing organizations a fortune 2024-05-30 at 06:09 By Help Net Security With the rise of identity sprawl and system complexity, more businesses are suffering identity-related incidents than ever before, according to IDSA. Identity-related incidents in headlines Identity-related incidents continue to dominate today’s headlines. Clorox, MGM, and Caesars fell prey to social

React to this headline:

Loading spinner

Identity-related incidents becoming severe, costing organizations a fortune Read More »

Authelia: Open-source authentication and authorization server

Authelia: Open-source authentication and authorization server 2024-05-22 at 07:33 By Mirko Zorz Authelia is an open-source authentication and authorization server that offers 2FA and SSO for applications through a web portal. It works alongside reverse proxies to permit, deny, or redirect requests. Authelia connects directly to the reverse proxy but never to the application backends.

React to this headline:

Loading spinner

Authelia: Open-source authentication and authorization server Read More »

Consumers continue to overestimate their ability to spot deepfakes

Consumers continue to overestimate their ability to spot deepfakes 2024-05-20 at 06:31 By Help Net Security The Jumio 2024 Online Identity Study reveals significant consumer concerns about the risks posed by generative AI and deepfakes, including the potential for increased cybercrime and identity fraud. The study examined the views of more than 8,000 adult consumers,

React to this headline:

Loading spinner

Consumers continue to overestimate their ability to spot deepfakes Read More »

The importance of access controls in incident response

The importance of access controls in incident response 2024-05-17 at 12:31 By Help Net Security The worst time to find out your company doesn’t have adequate access controls is when everything is on fire. The worst thing that can happen during an incident is that your development and operations teams are blocked from solving the

React to this headline:

Loading spinner

The importance of access controls in incident response Read More »

How secure is the “Password Protection” on your files and drives?

How secure is the “Password Protection” on your files and drives? 2024-05-10 at 08:31 By Help Net Security People in certain professions, such as healthcare, law, and corporations, often rely on password protection when sending files via email, believing it provides adequate security against prying eyes. However, simple password protection on a PDF or Excel

React to this headline:

Loading spinner

How secure is the “Password Protection” on your files and drives? Read More »

Triangulation fraud: The costly scam hitting online retailers

Triangulation fraud: The costly scam hitting online retailers 2024-04-30 at 08:01 By Mirko Zorz In this Help Net Security interview, Mike Lemberger, Visa’s SVP, Chief Risk Officer, North America, discusses the severe financial losses resulting from triangulation fraud, estimating monthly losses to range from $660 million to $1 billion among merchants. He also highlights the

React to this headline:

Loading spinner

Triangulation fraud: The costly scam hitting online retailers Read More »

Most people still rely on memory or pen and paper for password management

Most people still rely on memory or pen and paper for password management 2024-04-26 at 08:02 By Help Net Security Bitwarden surveyed 2,400 individuals from the US, UK, Australia, France, Germany, and Japan to investigate current user password practices. The survey shows that 25% of respondents globally reuse passwords across 11-20+ accounts, and 36% admit

React to this headline:

Loading spinner

Most people still rely on memory or pen and paper for password management Read More »

What is multi-factor authentication (MFA), and why is it important?

What is multi-factor authentication (MFA), and why is it important? 2024-04-23 at 06:31 By Help Net Security Setting up MFA can seem daunting for consumers just beginning to clean up their security postures. In this Help Net Security video, Larry Kinkaid, Manager, Cybersecurity Consulting at BARR Advisory, shares tips for consumers who need simple, accessible

React to this headline:

Loading spinner

What is multi-factor authentication (MFA), and why is it important? Read More »

Who owns customer identity?

Who owns customer identity? 2024-04-18 at 07:31 By Help Net Security When I’m talking with prospective clients, I like to ask: which department owns customer identity? Everyone immediately looks towards a different team. While every team touches customer identity at some point, the teams that own it differ from organization to organization. From my experience,

React to this headline:

Loading spinner

Who owns customer identity? Read More »

EJBCA: Open-source public key infrastructure (PKI), certificate authority (CA)

EJBCA: Open-source public key infrastructure (PKI), certificate authority (CA) 2024-04-09 at 07:32 By Mirko Zorz EJBCA is open-source PKI and CA software. It can handle almost anything, and someone once called it the kitchen sink of PKI. With its extensive history as one of the longest-standing CA software projects, EJBCA offers proven robustness, reliability, and

React to this headline:

Loading spinner

EJBCA: Open-source public key infrastructure (PKI), certificate authority (CA) Read More »

Strategies for secure identity management in hybrid environments

Strategies for secure identity management in hybrid environments 2024-04-09 at 07:02 By Mirko Zorz In this Help Net Security interview, Charlotte Wylie, SVP and Deputy CSO at Okta, discusses the challenges of managing user identities across hybrid IT environments. She emphasizes balancing and adopting comprehensive security controls, including cloud SSO and MFA technologies, to unify

React to this headline:

Loading spinner

Strategies for secure identity management in hybrid environments Read More »

How Google plans to make stolen session cookies worthless for attackers

How Google plans to make stolen session cookies worthless for attackers 2024-04-03 at 08:31 By Zeljka Zorz Google is working on a new security feature for Chrome called Device Bound Session Credentials (DBSC), meant to prevent attackers from using stolen session cookies to gain access user accounts. Session (i.e., authentication) cookies are stored by browsers

React to this headline:

Loading spinner

How Google plans to make stolen session cookies worthless for attackers Read More »

AI framework vulnerability is being used to compromise enterprise servers (CVE-2023-48022)

AI framework vulnerability is being used to compromise enterprise servers (CVE-2023-48022) 2024-03-27 at 13:16 By Zeljka Zorz Attackers are leveraging a vulnerability (CVE-2023-48022) in Anyscale’s Ray AI software to compromise enterprise servers and saddle them with cryptominers and reverse shells. “To our knowledge, the attack started 7 months ago,” Avi Lumelsky, a researcher at Oligo

React to this headline:

Loading spinner

AI framework vulnerability is being used to compromise enterprise servers (CVE-2023-48022) Read More »

How security leaders can ease healthcare workers’ EHR-related burnout

How security leaders can ease healthcare workers’ EHR-related burnout 2024-03-27 at 08:05 By Help Net Security Staff experiencing burnout in healthcare settings is not something that security leaders typically worry about – unless, maybe, it is the security team itself that is suffering from it. Healthcare CISOs and privacy officers worry more about the confidentiality

React to this headline:

Loading spinner

How security leaders can ease healthcare workers’ EHR-related burnout Read More »

Scroll to Top